Fix change_field() buffer underrun

* lib/fields.c (change_field): Don't point
before array start; that has undefined behavior.

Signed-off-by: Paul Eggert <eggert@cs.ucla.edu>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>

diff --git a/lib/fields.c b/lib/fields.c
index fa5fd1567cfcc62880353a65f5c4fb464b3c05e7..640be931f3b000e063f270ed31f0baa96270df6b 100644 (file)
--- a/lib/fields.c
+++ b/lib/fields.c
@@ -91,8 +91,9 @@ void change_field (char *buf, size_t maxsize, const char *prompt)
                 * entering a space.  --marekm
                 */
 
-               while (--cp >= newf && isspace (*cp));
-               cp++;
+               while (newf < cp && isspace (cp[-1])) {
+                       cp--;
+               }
                *cp = '\0';
 
                cp = newf;